[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0801222241460.30816@blonde.site>
Date: Tue, 22 Jan 2008 22:59:13 +0000 (GMT)
From: Hugh Dickins <hugh@...itas.com>
To: James Bottomley <James.Bottomley@...senPartnership.com>
cc: Andrew Morton <akpm@...ux-foundation.org>,
Jeff Garzik <jeff@...zik.org>,
Alan Stern <stern@...land.harvard.edu>,
linux-kernel@...r.kernel.org, linux-ide@...r.kernel.org,
linux-scsi <linux-scsi@...r.kernel.org>
Subject: Re: [PATCH rc8-mm1] hotfix libata-scsi corruption
On Tue, 22 Jan 2008, James Bottomley wrote:
>
> libsas looks to be OK because it specifically kmallocs a 512 byte buffer
> which should (for off slab data) be 512 byte aligned.
I don't remember the various SLAB and SLOB and SLUB rules offhand:
I'm not sure it's safe to rely on such alignment on all of them ....
> libata actually
> has an issue because the usual location for IDENTIFY_DEVICE data is
> inside a struct ata_device, which is highly unlikely to be correctly
> aligned. Fortunately, I think we can only get the bug if we actually
> cross a page boundary for non contiguous pages in the identify data,
> which a kernel allocation will never do, so libata should be safe as
> well.
.... but this would trump it: yes, we don't need 512-byte alignment
for this, and it is okay to cross a page boundary, just so long as
the start of the next page really belongs to our buffer not somebody
else's.
There doesn't seem much likelihood of anyone vmalloc'ing the buffer
in which that IDENTIFY_DEVICE gets done. Though this discussion
does make me wonder whether ata_pio_sector ought to have a BUG_ON
(and yes, a BUG_ON rather than a WARN_ON) against the possibility.
Hugh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists